← 返回 Skills 市场
52yuanchangxing

Permission Footprint Reviewer

作者 vx:17605205782 · GitHub ↗ · v1.0.0 · MIT-0
darwinlinuxwin32 ✓ 安全检测通过
149
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install permission-footprint-reviewer
功能描述
梳理某个 Skill、脚本或工作流需要的权限,并提出最小权限替代方案。;use for permissions, least-privilege, security workflows;do not use for 绕过系统安全控制, 生成提权方法.
安全使用建议
This skill appears to do what it claims: local, read-only auditing and structured recommendations. Before running: (1) inspect scripts/run.py yourself (it is included) and run with --dry-run to verify behavior; (2) avoid pointing the tool at system roots or directories with highly sensitive data unless you intend that scan; (3) prefer running in an isolated/sandbox workspace and review outputs before saving or sharing them; (4) remember the tool can write output files if you pass --output (omit or use --dry-run to avoid accidental writes).
功能分析
Type: OpenClaw Skill Name: permission-footprint-reviewer Version: 1.0.0 The 'permission-footprint-reviewer' skill is a security auditing tool designed to analyze scripts and workflows for over-privileged configurations. The core logic in 'scripts/run.py' performs static analysis, scanning for risky patterns like 'curl|bash' or hardcoded secrets (which it masks before reporting), and generates structured Markdown reports. The instructions in 'SKILL.md' and 'README.md' are strictly aligned with its defensive purpose, explicitly forbidding the generation of privilege escalation methods or bypassing security controls.
能力评估
Purpose & Capability
Name/description match the actual behavior: the package is an audit helper that reads local inputs and produces structured reports. Declared requirement (python3) is proportional; no unrelated env vars or credentials are requested.
Instruction Scope
SKILL.md and scripts instruct the agent to read provided files/dirs (or use templates) and produce audit reports. This is within scope. Note: the runtime script will read arbitrary files under any user-supplied path (recursively up to configured limits), so providing a root/system path will make it scan many files and potentially surface sensitive content — this is expected for an auditor but worth being mindful of.
Install Mechanism
No install spec; instruction-only with a local Python script. No downloads or external package installs are performed, minimizing install-time risk.
Credentials
No environment variables, credentials, or config paths are required. The script only reads user-supplied input paths and local resource files included in the skill.
Persistence & Privilege
always is false and the skill does not modify other skills or system-wide settings. It can write its own output file when asked (normal behavior) but otherwise operates read-only unless the user requests writes.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install permission-footprint-reviewer
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /permission-footprint-reviewer 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of permission-footprint-reviewer. - Provides a skill for auditing permissions required by scripts, skills, or workflows and suggests least-privilege alternatives. - Emphasizes safe boundaries: does not assist in bypassing controls or generating privilege escalation methods. - Offers a structured review including permission footprint, usage explanation, excessive permissions, least-privilege substitutions, isolation advice, and a review checklist. - Generates an explicit “review draft” before actionable checklists and flags missing information as “pending confirmation.” - Adheres to clearly defined audit, output, and runtime rules for safety and compliance.
元数据
Slug permission-footprint-reviewer
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Permission Footprint Reviewer 是什么?

梳理某个 Skill、脚本或工作流需要的权限,并提出最小权限替代方案。;use for permissions, least-privilege, security workflows;do not use for 绕过系统安全控制, 生成提权方法. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 149 次。

如何安装 Permission Footprint Reviewer?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install permission-footprint-reviewer」即可一键安装,无需额外配置。

Permission Footprint Reviewer 是免费的吗?

是的,Permission Footprint Reviewer 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Permission Footprint Reviewer 支持哪些平台?

Permission Footprint Reviewer 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(darwin, linux, win32)。

谁开发了 Permission Footprint Reviewer?

由 vx:17605205782(@52yuanchangxing)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 留言讨论